Previous Next

dced_secval_stop(3dce)

Stops the security validation service of a specific host's dced

Synopsis

#include <dce/dced.h>

void dced_secval_stop(

dced_binding_handle_t dced_bh,

error_status_t *status);

Parameters

Input

dced_bh
Specifies the dced binding handle for the secval service on a specific host.

Output

status
Returns the status code from this routine. This status code indicates whether the routine completed successfully or, if not, why not.

Description
The dced_secval_stop( ) routine stops the security validation service (secval) of a specific host's dced. This routine is typically used by management applications.

The secval service is commonly started by default when dced starts. The main use of dced_secval_stop( ) and dced_secval_start( ) is to force a refresh of the host principal credentials. This is the only way to force certain registry changes made by the host principal (such as groupset membership) to be seen by processes running on the host.

You can easily stop and then start the secval service with the following operations:

dcecp -c secval deactivate

dcecp -c secval activate

It is not a good idea to remove the machine principal self credentials for an extended period of time because processes running as self will fail in their attempts to perform authenticated operations.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

error_status_ok

dced_s_bad_binding

dced_s_sv_not_enabled

sec_acl_invalid_permission

Related Information
Routines: dced_secval_start(3dce)

dced_binding_create(3dce)

dced_binding_from_rpc_binding(3dce)

Commands: dced(8dce), secval(8dce)

Book: OSF DCE Application Development Guide - Core Components